Summary: North Korean hackers are exploiting Zoom’s Remote Control feature to install malware on the devices of cryptocurrency investors by masquerading as legitimate business contacts. The attack relies on social engineering: targets inadvertently grant remote access during what appear to be legitimate meetings. The malware deployed can exfiltrate sensitive information, resulting in significant financial losses.
Affected: Cryptocurrency traders and venture investors
Key points:
- North Korean hackers, under the operation named Elusive Comet, pose as venture capitalists to lure targets into fraudulent Zoom meetings.
- Attackers exploit the Zoom Remote Control feature, manipulating the permission dialog to obscure their actions and trick victims into granting access to their devices.
- The technique reflects a broader trend in cybersecurity: attacks that target human behavior rather than traditional technical exploits.